We are aware of an ongoing cyber incident affecting the SolarWinds Orion suite of IT management tools. The National Cyber Security Centre (NCSC) has published guidance to firms to help identify if they may be affected. It includes a list of immediate actions to take if you are using these tools. We have been asked, along with regulatory bodies across other sectors, to assist NCSC in promoting this guidance.
See the NCSC guidance[1]. It will be updated regularly by the NCSC where more information is available.
We recommend that all firms using SolarWinds tools review the NCSC guidance to ensure the safety of their firm’s systems. Please note any operational impacts associated with this issue should be escalated via normal supervisory reporting processes.